Wireshark Fixes 3 Vulnerabilities

Tuesday, September 4, 2018 @ 11:09 AM gHale

Wireshark cleared three vulnerabilities that could allow an unauthenticated, remote attacker to crash vulnerable installations.

In a further reason to patch as quickly as possible, proof-of-concept (PoC) code that demonstrates an exploit of each of the vulnerabilities is publicly available, said researchers at Cisco.

RELATED STORIES
Zero Day Micropatch for Windows Task Scheduler
Windows 10 Zero Day Discovered
Hackers Leverage Patched Vulnerability
Lessons Learned One Year After Triton

Wireshark is the world’s most popular network protocol analyzer. The software is free and open source.

The vulnerabilities – CVE-2018-16056, CVE-2018-16057 and CVE-2018-16058 – affect three components of Wireshark: Bluetooth Attribute Protocol (ATT) dissector, Radiotap dissector, and Audio/Video Distribution Transport Protocol (AVDTP) dissector.

The vulnerabilities can end up leveraged by an attacker by injecting a malformed packet into a network, to be processed by the affected application, or by convincing a targeted user to open a malicious packet trace file.

Wireshark users should upgrade to one of the fixed versions: 2.6.3, 2.4.9, or 2.2.17.

Cisco also advises users to use firewalls and antivirus apps to minimize the potential of inbound and outbound threats, and to allow only trusted users to have network access and trusted systems to access the affected systems.



Leave a Reply

You must be logged in to post a comment.